Trust & Security

Your business data is yours.
We keep it safe.

Merba is built around direct payments, role-scoped access, deterministic product workflows, and a clear boundary between private client records and intelligence features.

Read privacy policyView terms
One flat monthly price
No booking commissions
Real support from people

Trust & Security

Your business data is yours. We just keep it safe.

We're an early, Canadian-built platform — so instead of asking you to take our word for it, here's exactly how we handle your data, who touches it, and where your money goes. Sensitive tenant operations stay in deterministic product workflows; intelligence and media features are bounded to their own narrow use cases. No vague promises, no fine print buried three pages deep.

Your clients pay you — never us

Your clients pay you directly — Merba never holds or pools a cent. Invoices keep you in control of the money: they favour e-transfer by default, with card processing as an optional route when you want credit-card processing. Neither path earns Merba a commission on your bookings, shop, or repeat revenue. We charge one flat platform fee; everything else is pay-as-you-grow. If you ever leave, your client relationships and the way you get paid go with you.

Encryption & access control

  • Passwords hashed with bcrypt (cost factor 12) — never stored in plain text.
  • All traffic over TLS; session cookies are HTTP-only and same-site.
  • Role-based access (owner, stylist, receptionist, client) scopes every action.
  • Two-factor authentication, third-party sign-in, and phone verification supported.
  • Privacy audit logging records selected sensitive actions, including chart and client-profile access.
  • Charting, booking, invoices, approvals, and payment metadata run through deterministic platform workflows, not AI decision systems.

What we keep out of AI

  • Client lists, contact details, and appointment history are excluded from AI systems.
  • Chart notes and clinical records are role-scoped and are not intentionally sent to AI providers.
  • Payment details are never used to train or prompt any model.
  • Our AI features work from public business signals and your explicit input — not your private client book.

Who processes your data

We use a small set of established providers to run the platform. The public trust page keeps this simple; the deeper provider register lives on our Subprocessor Register. We disclose who helps operate Merba, while keeping proprietary prompts, routing logic, quality-control methods, and ad-production workflows internal. This aligns with our Privacy Policy. We don't sell your data, and we don't share it beyond what these services need to do their job.

Core platform

Hosting, database, storage, payments, email, SMS, and monitoring.

Optional integrations

Calendar, maps, CRM, social publishing, mobile, and push features when enabled.

AI and media

Provider use is bounded to requested business, creative, and media workflows.

View provider register →

Merba is operated from Ontario, Canada and provides controls customers can use as part of PIPEDA, PHIPA, or HIPAA-oriented workflows where the required controls and agreements are in place. See the full Subprocessor Register.

From the operators using Merba

Real businesses, named and shared with permission — nothing invented. As more operators share their experience, their words appear here.

After evaluating and using several practice management platforms over the years, Merba has been one of the most complete and user-friendly solutions I have found for the aesthetics/medical aesthetics industry.

As the owner of a busy medical aesthetics practice, finding a platform that can efficiently manage every aspect of my business has been invaluable. Merba has become an essential part of my daily operations and has helped me stay organized while enhancing the experience I provide to my clients.

What I appreciate most is that Merba is truly an all-in-one solution. It allows me to manage online bookings, showcase my services, sell products through an integrated online shop, create and maintain detailed client treatment records, and securely obtain medical director approvals directly within the client chart. Having all this information in one place has streamlined my workflow and improved compliance and documentation.

The platform also offers excellent client management tools, including automated reminders, online booking capabilities, invoicing, payment processing, loyalty programs and rewards systems. These features have helped improve client engagement.

One of the standout benefits is the analytics and business insights that help me better understand my practice performance. The built-in marketing tools and ad creation features make it easier to promote my services and attract new clients. I also appreciate the flexibility to add additional practitioners, each with their own schedule.

Most importantly, Merba is intuitive and easy to use. It has simplified many of the day-to-day challenges of running a medical aesthetic business, and has allowed me to focus more on my clients and less on administrative tasks.

I highly recommend Merba to anyone in the service industries, such as Aestheticians, Cosmetic Nurses, Tattoo Artists, Stylists, Medical Spas, and independent practitioners — or anyone looking for a comprehensive, modern platform to manage and grow their business. It has been a valuable and inexpensive investment for my practice, and I truly enjoy working with it.

Skin Medic logo

Marcelle

Skin Medic & Formula PhiMedical aesthetics practice

Want to be one of the next? Start free →

Questions about security or your data? Email privacy@merba.app — a real person answers.

    Trust & Security | Merba